Multi-Tenant Isolation

ATHENA provides complete data isolation between customers using PostgreSQL Row-Level Security (RLS).

How It Works

Every database table includes a customer_id column with RLS policies:

-- Example: Decision table RLS policy
CREATE POLICY customer_isolation ON decisions
  USING (customer_id = current_setting('app.customer_id')::uuid);

Enforcement Levels

Level

Mechanism

Bypass Possible?

Database

PostgreSQL RLS

Application

Query filters

No (redundant)

API

Authentication

Validation

100% test coverage for customer isolation
390M+ records processed with no cross-customer leaks
Automated testing in CI/CD pipeline

How Requests Are Isolated

1. Request received → API key validated
2. Customer ID extracted → From API key lookup
3. Database session set → SET app.customer_id = 'uuid'
4. Query executed → RLS policy filters results
5. Response returned → Only customer's data

Example

Two customers query the same endpoint:

Customer A

curl https://api.athenatrust.ai/v1/audit-trail \
  -H "Authorization: Bearer CUSTOMER_A_KEY"

Returns only Customer A's decisions.

Customer B

curl https://api.athenatrust.ai/v1/audit-trail \
  -H "Authorization: Bearer CUSTOMER_B_KEY"

Returns only Customer B's decisions.

Same database. Complete isolation.

What's Isolated

Data Type

Isolated?

Mechanism

Decisions

✅

RLS

Audit trail

✅

RLS

API keys

✅

RLS

Webhooks

✅

RLS

Users

✅

RLS

Settings

✅

RLS

Exports

✅

RLS

Shared Resources

Some resources are intentionally shared:

Resource

Shared?

Reason

Intelligence engines

✅

Algorithms, not data

Export templates

✅

Standard formats

Rate limit counters

Per-customer

Fair usage

Testing Isolation

We continuously test isolation:

// Test that Customer A can't access Customer B's data
it('should not return other customer data', async () => {
  const response = await api.get('/audit-trail', {
    headers: { Authorization: `Bearer ${customerAKey}` }
  });
  
  for (const decision of response.data.decisions) {
    expect(decision.customerId).toBe(customerAId);
  }
});

Security Guarantees

No cross-customer queries — Impossible at database level
No data leakage — RLS prevents accidental exposure
No privilege escalation — API keys scoped to customer
Audit trail — All access logged per customer

Next: SOC 2 Compliance

PreviousData Encryption NextSOC 2 Compliance

Last updated 1 month ago

Good morning

hashtagHow It Works

hashtagEnforcement Levels

hashtagValidation

hashtagHow Requests Are Isolated

hashtagExample

hashtagCustomer A

hashtagCustomer B

hashtagWhat's Isolated

hashtagShared Resources

hashtagTesting Isolation

hashtagSecurity Guarantees